January 29, 2024
Via: TechRadarConsumers in China looking to access banned communications apps such as Telegram are being targeted by threat actors looking to deploy various malware. This is according to a new report from Malwarebytes’ Jérôme Segura, who found unnamed hackers have been […]
Threats & Malware, Virus & Malware
November 16, 2023
Via: The RegisterAffiliates of the ALPHV/BlackCat ransomware-as-a-service operation are turning to malvertising campaigns to establish an initial foothold in their victims’ systems. Paid adverts for popular business software such as Slack and Cisco AnyConnect are being used to lure corporate victims into […]
Threats & Malware, Virus & Malware
September 8, 2023
Via: The Hacker NewsA new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer (or AMOS), indicating that it’s being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic […]
Threats & Malware, Virus & Malware
July 3, 2023
Via: The Hacker NewsThreat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. “Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations,” Trend […]
Threats & Malware, Virus & Malware
February 6, 2023
Via: The Hacker NewsAn ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the FormBook information-stealing malware. “The loaders, dubbed MalVirt, use obfuscated virtualization for anti-analysis and evasion along with the Windows Process Explorer driver for […]
November 18, 2022
Via: Security WeekDEV-0569 has been relying on malicious ads (malvertising), blog comments, fake forum pages, and phishing links for the distribution of malware. Over the past few months, however, Microsoft noticed that the threat actor has started using contact forms to deliver […]
Cyber-crime, Malware, Threats & Malware, Virus & Malware
October 4, 2019
Via: Hot for SecurityThe eGobbler malvertising threat actor has made a return, this time exploiting a WebKit vulnerability used primarily by iPhone’s Safari browser. Security researchers from Confiant estimate up to 1.16 billion impressions have been compromised since the start of the latest […]
July 24, 2019
Via: Threat PostA widespread and ongoing malicious advertising campaign is exploiting several recently-disclosed WordPress plugin vulnerabilities to redirect website visitors to booby-trapped landing pages. Researchers at Wordfence said that they recently discovered bad actors injecting code into websites with the vulnerable plugins […]
Malware, Threats & Malware, Virus & Malware
January 9, 2019
Via: Threat PostThe whole attack takes place in under a minute. A multi-payload and ongoing malvertising campaign is distributing a newly discovered info-stealer as well as the GandCrab ransomware. The info-stealer is named Vidar, after the Norse god Víðarr, who was the […]
January 3, 2017
Via: Panda SecurityYour company may be losing money because of online advertising. Beyond the success of advertisements when it comes to converting marketing budgets into sales, a singular type of cyberattack threatens to directly affect your company’s accounts. Namely, there exist networks […]
November 16, 2016
Via: Dark ReadingThe Trustworthy Accountability Group (TAG) has launched the TAG “Certified Against Malware” Program as part of its broader effort to eliminate fraudulent traffic, combat Internet piracy, fight malware, and encourage transparency in the digital advertising supply chain. This initiative, which […]
November 1, 2016
Via: DataBreach TodayThe online advertising industry is at an inflection point, and not just from falling ad rates, ad blockers and potential regulation. It’s facing a big security problem, and one that – like many internet-scale problems – will demand close industry […]
October 10, 2016
Via: Security AffairsSpotify users have been targeted by a malvertising campaign, the malicious advertising served to the victims could automatically open a web browser and redirect victims websites hosting malware. Spotify is a popular online music service that allows its users to listen […]
July 5, 2016
Via: MalwarebytesWe have not seen very many large scale malvertising attacks following the mysterious disappearance of the powerful Angler EK. The ones we do see tend to be related to low quality traffic and usually push the less sophisticated RIG or Magnitude […]
June 7, 2016
Via: MalwarebytesMalvertising isn’t only used to infect users via drive-by downloads or to deceitfully push fake software updates. A campaign currently going on via the TrafficHolder adult ad platform leverages the promise of raunchy videos to lure people into ad fraud. […]
May 10, 2016
Via: MalwarebytesWe don’t really hear about it that much, but malvertising can and does target free blogging platforms as well. Just this morning, our friends at Virus Bulletin Martijn Grooten and Adrian Luca wrote about some sites hosted on Google’s Blogspot service pushing tech […]
April 19, 2016
Via: MalwarebytesThe Magnitude EK has been on the forefront of most of the malvertising-driven attacks we have seen in the past few weeks. In fact, the intense activity it is generating is overshadowing other exploit kits and distribution methods such as […]
April 4, 2016
Via: MalwarebytesWhen it comes to malvertising, the Angler exploit kit is almost always the weapon of choice used by cyber criminals to push out malware onto their victims. As we’ve seen in many high profile cases recently, these attacks are also […]
March 17, 2016
Via: Help Net SecurityIn the last couple of days, visitors of a number of highly popular websites have been targeted with malicious adverts that attempted to install malware (mostly ransomware, but also various Trojans) on their systems. The websites in question were those […]
February 26, 2016
Via: MalwarebytesDuring the past few days we have witnessed an increase in the number of malvertising incidents involving the Magnitude exploit kit. The last time we blogged about this was in mid November 2015 and we attributed the event to the fact that Magnitude […]